Fortinet's (FTNT 1.49%) stock plunged 25% on Aug. 4, after the company posted a mixed second-quarter earnings report. The cybersecurity company's revenue rose 25% year over year to $1.29 billion, narrowly missing analysts' estimates by $10 million, but its adjusted earnings grew 58% to $0.38 per share and cleared the consensus forecast by $0.04.
Fortinet's headline numbers looked healthy, but an unexpected reduction to its full-year revenue forecast rattled the bulls and sparked a broad sell-off across the cybersecurity sector. Does that grim warning suggest it's too late to buy Fortinet?
Image source: Getty Images.
What does Fortinet do?
More than two decades ago, Fortinet launched FortiGate, a "next-gen" firewall that provided more network device filtering capabilities than traditional firewalls did. That firewall became the foundation of its "Security Fabric," a comprehensive security platform that provides end-to-end security tools for on-premise, cloud-based, and Internet of Things (IoT) devices through a mix of appliances, on-site software, and cloud services.
Fortinet differentiates itself from its competitors with customized ASIC chips built for its own hardware and FortiOS operating system. It claims these proprietary chips give it a significant advantage against other cybersecurity appliance providers that use off-the-shelf x86 CPUs, programmable chips, and Arm-based chips. It believes the convergence of the cybersecurity, networking, and hybrid cloud markets will drive the market's long-term demand for its services.
Fortinet's growth rates support that bullish long-term outlook. Between 2012 and 2022, its revenue rose at a compound annual growth rate (CAGR) of 24% while its adjusted net income grew at a CAGR of 27%. It currently serves more than 680,000 customers globally, including most of the Fortune 500, so it's often considered a bellwether of the cybersecurity sector. That's why its reduced guidance for the rest of the year caused many other cybersecurity stocks to stumble.
Was Fortinet's outlook that alarming?
As the following table illustrates, Fortinet slightly reduced its revenue and billings estimates for the full year. It blamed that slowdown on the macro headwinds, which forced many companies to rein in the software spending and sign shorter contracts.
|
Metric |
2022 (Actual) |
2023 Outlook (Previous) |
2023 Outlook (Revised) |
|---|---|---|---|
|
Revenue growth |
32% |
23%-24% |
21%-23% |
|
Billings growth |
34% |
21%-22% |
16%-18% |
Data source: Fortinet.
Fortinet also dampened hopes for a quick recovery by predicting that its billings growth rate would remain in the "high teens" thorough the end of 2024. That dim outlook raises some troubling questions regarding its long-term goal of generating $8 billion in revenue and $10 billion in billings by 2025. To hit those targets, it needs to grow its revenue and billings at a CAGR of 22% and 21%, respectively, from 2022 through 2025.
Fortinet didn't reiterate its 2025 targets during its second-quarter conference call. Instead, CFO Keith Jensen said Fortinet might re-evaluate those goals as it enters its "normal planning cycle for 2024" in the second half of 2023.
But on the bright side, Fortinet raised its adjusted gross margin, adjusted operating margin, and adjusted earnings growth estimates for the full year. It still expects its margins to decine year over year as its revenue growth cools off, but it expects its price increases, lower product costs, and cost-cutting measures to cushion that blow.
|
Metric |
2022 (Actual) |
2023 Outlook (Previous) |
2023 Outlook (Revised) |
|---|---|---|---|
|
Adjusted gross margin |
76.3% |
75%-76% |
75.25%-76.25% |
|
Adjusted operating margin |
27.3% |
25%-26% |
25.25%-26.25% |
|
Adjusted EPS growth |
49% |
21%-24% |
25%-29% |
Data source: Fortinet. EPS = earnings per share.
That improved outlook suggests it can still achieve its long-term goal of maintaining an adjusted operating margin of "at least 25%" through 2025. It also indicates it still has plenty of pricing power in the crowded cybersecurity market.
But is it too late to buy Fortinet's stock?
At $57, Fortinet trades at about 38 times this year's earnings per share. That makes it seem cheaper than Palo Alto Networks (PANW 0.47%), which is growing at a similar rate but trades at 48 times forward EPS. CrowdStrike (CRWD 0.97%), which is growing faster than Fortinet and Palo Alto, has a much higher forward multiple of 64.
When I look at Fortinet, I mainly see its resilience during previous economic downturns, its impressive proprietary chips, its stable margins, and its ability to generate consistent profits on the basis of generally accepted accounting principles (GAAP). Its stock might stay in the penalty box until its billings growth accelerates again, but I believe this evergreen cybersecurity company is still a great long-term investment.
Leo Sun has positions in CrowdStrike and Palo Alto Networks. The Motley Fool has positions in and recommends CrowdStrike, Fortinet, and Palo Alto Networks. The Motley Fool has a disclosure policy.
Fortinet's (FTNT 1.49%) magnificent 2023 rally that sent shares to new all-time highs is over -- at least for now. Following second-quarter 2023 financial updates, the market was mighty displeased with management's guidance.
Whenever a stock fetches a high premium, investors expect management to under-promise and over-deliver, not the other way around. Is it time to bail on Fortinet?
Normalization, or outright disconnect with reality?
Fortinet reported Q2 2023 revenue of $1.29 billion, up 26% from last year. Within that total, product sales (like firewalls, a security device to manage traffic into and out of a physical location) increased 18% to $473 million, and services (of which 55% are security software subscriptions, or SaaS) grew 30% to $820 million. Earnings per share were $0.33, up 57%, and free cash flow (FCF) was up 54% to $438 million.
But the problem had little to do with last quarter, but a lot with the future. Earlier this year, management had said billings (invoices sent to SaaS customers for payment due) would rise to $1.56 billion to $1.6 billion as Fortinet's massive product revenue over the last few years starts to translate into more software and service. But Fortinet delivered a real shock when it said those billings ended up being just $1.54 billion, below guidance.
Worse yet, full-year 2023 revenue guidance was lowered as much as $75 million less than previously expected to a range of $5.35 billion to $5.45 billion. The services segment is partly to blame as sales from that segment have apparently been delayed by some customers. However, it also seems that product inventory is in need of being right-sized too.
For investors who follow the semiconductor and computing hardware industries, this likely sounds familiar. There are too many of some data center components on hand at the moment, and the current boom of generative AI servers (mostly Nvidia chips powering services like ChatGPT) have also led a lot of cloud and service providers to rethink and retool their designs. Perhaps this is also ripping into Fortinet's downward revision. Additionally, some retail customers are coping with sluggish consumer spending, and thus are also adjusting their spend on cybersecurity to manage their own flow of cash.
For Wall Street, the big question is now: Is Fortinet simply going through a growth normalization phase after booming financials the last two years, or is management's execution off? The stock price tanking 25% the day following earnings seems to imply bets are on the latter.
Don't get antsy with the sell trigger
The good news is that, as of right now, Fortinet is not altering its 2025 financial targets: $10 billion in annual billings, $8 billion in annual revenue, operating profit margins of at least 25%, and FCF margins of mid- to high-30%.
In another sign of strength, management also increased its share repurchase authorization by another $500 million, leaving $2 billion available for buybacks (or 4% of the new post-stock-crash market cap). That sounds to me like confidence that management still sees its own stock as a good investment.
I've owned shares of Fortinet for nearly five years, and have logged a more than 200% return on my initial investment. I'm not selling, but this situation should be monitored. It sounds like this slowdown in billings should be complete by the end of 2023, and I don't see a reason to seriously doubt Fortinet's long-term health.
After the crash, Fortinet stock trades for 43 times trailing-12-month earnings, or 23 times trailing-12-month free cash flow. If you think profitable growth will continue at a mid-teens percentage clip, this could be an opportunity to nibble.
Nicholas Rossolillo and his clients have positions in Fortinet and Nvidia. The Motley Fool has positions in and recommends Fortinet and Nvidia. The Motley Fool has a disclosure policy.
Puerto Rico was the target of more than one billion attempted cyberattacks in the first half of 2023, according to data from FortiGuard, the threat intelligence and research arm of Fortinet. The automated cybersecurity solution provider recently published its semiannual Global Threat Landscape report.
Among the report’s findings, Latin America and the Caribbean experienced more than 63 billion attempted cyberattacks during the same period. Brazil received the most attempts (23 billion), followed by Mexico (14 billion), Venezuela (10 billion), Colombia (5 billion) and Chile (4 billion).
Increased focus on ransomware
In latest years, FortiGuard Labs has documented substantial spikes in variants of ransomware — which is malicious software, or malware, that locks data until a ransom is paid — largely fueled by the adoption of ransomware-as-a-service (RaaS), a service model where cybercriminals “rent” ransomware. However, there were fewer ransomware detections in the first half of 2023.
Despite the overall decline, organizations should keep their guard up, the report adds. The findings validate the trend that FortiGuard Labs has noted over the last couple of years that ransomware and other cyberattacks are becoming increasingly more targeted, reflecting the increasing sophistication of attackers and the intent to maximize the return on investment for each attack.
Unique exploits on the rise
FortiGuard Labs detected more than 10,000 unique exploits — or software that takes advantage of a bug, or vulnerability, in information systems — in the first half of 2023, an increase of 68% since five years ago. The surge “highlights the sheer number of different types of malicious attacks that security teams” need to be aware about.
The report further notes that there was a more than 75% decrease in exploit attempts per organization, indicating that while exploit variants are on the rise, the attacks have become much more targeted than five years ago.
Wipers used by nation-state actors
A significant focus of the last Global Threat Landscape report was the rise in wiper malware — which erases data from the victim’s system — largely associated with the Russia-Ukraine conflict. FortiGuard Labs continues to track the use of wipers by nation-state entities, and the adoption rate of this malware type among cybercriminals remains trending upward. Targets primarily include the technology, manufacturing, government, telecommunications and health care sectors.
Persistent botnets
One of the alarming findings was the number of “active days” of botnet activity. Botnets are networks of computers that have been infected and controlled by malware. FortiGuard Labs defines “active days” as “the amount of time that transpires between the first hit of a given botnet attempt on a sensor and the last.”
In the first six months of 2023, the average time botnets persisted before command and control (C2) communications — a mechanism used by cybercriminals to control botnets — ceased was 83 days, more than 1,000 times longer than figures from five years ago. This is another example where reducing the response time is critical because the longer organizations allow botnets to linger, the greater the damage and risk to businesses.
Although organizations continue to find themselves in a reactive position due to the growing sophistication of malicious actors and the escalation of targeted attacks, ongoing analysis of the threat landscape helps provide valuable intelligence that can serve as an early warning of potential threat activity and help security leaders prioritize their security strategy.
“Disrupting cybercrime is a global effort that comprises strong, trusted relationships and collaboration across public and private sectors, as well as investing in AI-powered security services that can help overwhelmed security teams coordinate actionable threat intelligence in real time across their organization,” said Derek Manky, chief security strategist and global vice president of Threat Intelligence at FortiGuard Labs. “With targeted threats at an all-time high, security teams cannot afford to sit idle. Fortinet’s FortiGuard Labs continues to provide innovative and actionable intelligence to help security teams proactively prioritize patching efforts and respond to threats faster than ever.”
Access the latest report here.
